Editor’s Note: This article was originally published on November 12, 2017, and was updated with more recent information on February 17, 2018.
Traditionally, an SSL certificate was only considered an essential part of website infrastructure if you ran an eCommerce business or a site that required users to log in using personal details via a security gateway.
After all, these were the websites that were taking online payments and collecting the personal information of their visitors – so they needed to be secure for the sake of themselves and their customers.
But now, SSL certificates are getting a lot more attention, especially since Google announced “Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.” In a minute, we’ll talk more about why this is such a big deal, but first, we’ll step back a bit and give an overview of SSL
What is SSL?
In short, SSL (Secure Sockets Layer) is the standard security technology that is used to establish an encrypted link between a web server and a browser. It’s the security protocol that – in theory – prevents an unscrupulous third party from intercepting important data, such as passwords and credit card details.
Websites that have an SSL certificate installed, and secure HTTPS web pages enabled, display a prominent badge of honor in the form of a green padlock (as shown above using Google’s Chrome browser for the Amazon website).
Why are SSL certificates getting a lot more attention?
Back in August 2014, Google announced that it was stepping up its efforts to make the Internet a safer place, and as a result, it would start taking into account whether sites use secure, encrypted connections as a signal in its search ranking algorithms.
Fast forward to 2017 and it’s evident that Google has made good on its promise.
In May, Moz’s Pete Meyers revealed that 50% of Google’s page one search results are now HTTPS. That’s up from 30% since Moz last checked in July 2016. A striking increase in less than a year, and a tell-tale-sign that security via SSL certification factors highly in ranking websites.
Moreover, if this trend continues, roughly 65% of Google’s page one search results could be HTTPS by the end of the year.
This chart from Moz shows how the number of HTTPS results has been steadily rising:
Another interesting observation is the fact that the above graph doesn’t show any sudden jumps, suggesting that the change is due to websites steadily adopting HTTPS, and not a major Google algorithm update that happened overnight.
Fast forward again to 2018. As we mentioned earlier, Google has stated that Chrome browsers will do more than just take away the green padlock on HTTP sites. It will actually include a message in the browser omnibox, right next to the site’s URL, that the site is not secure.
What will this look like? Google shared an image that compares what things look like today in Chrome versus what they will look like after July 2018:
That doesn’t exactly send a reassuring message to your users, does it?
To remedy this situation, all you need to do is get an SSL installed on your site. Many hosting providers will set an SSL up for you once you purchase the certificate.
Also, web hosts are starting to offer hosting packages that include an SSL as part of their base setup. (And they can probably thank Google for the extra business they are getting.)
What are the other advantages associated with having an SSL certificate?
If a potential search engine ranking boost wasn’t enough, SSL certificates afford a number of other advantages for websites too.
1. Added security
First and foremost, SSL and HTTPS-enabled web pages add an extra layer of security to your site. By encrypting the data that is passed back and forth from your web server to a visitor’s browser, SSL ensures that sensitive information cannot be intercepted by unscrupulous individuals or cyber-criminals.
2. Greater trust
That little green padlock symbol instills trust in the people who visit your website. It shows them that you care about their online security and have taken the necessary steps to ensure their personal information remains secure. This is something web users value more and more, with every reported website hack or security breach they hear of.
And when you consider that Google Chrome now shows the words “Not Secure” when a user logs onto a website that doesn’t have an SSL certificate and collects passwords or credit card information, having one installed is now more important than ever when it comes to trust.
3. A must for accepting online payments
If your business accepts online card payments, your website needs an SSL certificate with at least 128-bit encryption to meet with current Payment Card Industry regulations.
Customers use online credit card payments more today than they ever have, and your website needs to be keeping their information safe at all times.
What will an SSL certificate cost me?
As with most things, the cost of SSL certificates varies widely and you definitely get what you pay for. Some online companies offer them for as little as $4.99 (£3.86) a year! And while these certificates might be absolutely fine, a much more realistic cost from a reputable company with customer support is about $70 – $100 (£55 – £80).
Are SSL certificates easy to install?
If you’re not sure what you’re doing, SSL certificates can be tricky to install. That’s because all the permalinks on your site will be changed to use HTTPS, and that can have an impact on your social proof, like the number of shares a page has had on social networks, and the internal links that are present on your site.
That’s why it’s a good idea to check whether the company you are purchasing the SSL certificate from also provides an installation service and whether that’s part of the package. Otherwise, you could end up with a broken website that you’ll inevitably need to get fixed.
So should I purchase an SSL certificate?
That ultimately depends on the nature of your business, but the short answer is yes.
Given the fact that Google favors HTTPS web pages, you could score a quick ranking win over your competition by implementing an SSL certificate – especially if they haven’t got one.
SSL certification is now a key factor for your website ranking highly on search engines, giving peace of mind to your customers and assurance to you that the security of your web presence will not be compromised.